Eaton INDGW-X2, User Manual

Page 1: ...UPS Industrial Gateway Card INDGW X2 User s Guide English 10 18 2021 2 2 3 ...

Page 2: ...t Corporation in the United States and or other countries UNIX is a registered trademark of The Open Group Linux is the registered trademark of Linus Torvalds in the U S and other countries VMware is a registered trademark or trademark of VMware Inc in the United States and or other jurisdictions Google is a trademark of Google Inc All other trademarks are properties of their respective companies ...

Page 3: ...ring Modbus 23 2 5 1 Configuring the communication parameters 23 2 5 2 Available maps 23 2 5 3 Modbus communication monitoring tool 24 2 5 4 Example of supported Modbus mapping 24 3 CONTEXTUAL HELP OF THE WEB INTERFACE 29 3 1 Login page 29 3 1 1 Logging in for the first time 29 3 1 2 Troubleshooting 30 3 2 Home 30 3 2 1 Information Status on the top bar 31 3 2 2 Menu structure 31 3 2 3 Energy flow...

Page 4: ...de 155 3 9 3 Notice for proprietary elements 156 3 9 4 Access rights per profiles 156 3 10 Alarms 157 3 10 1 Alarm sorting 157 3 10 2 Active alarm counter 157 3 10 3 Alarm details 157 3 10 4 Alarm paging 158 3 10 5 Export 158 3 10 6 Clear 158 3 10 7 Alarms list with codes 158 3 10 8 Access rights per profiles 158 3 11 User profile 159 3 11 1 Access to the user profile 159 3 11 2 User profile 159 3...

Page 5: ...ation in a simple way 181 4 13 1 Web page 181 4 14 Subscribing to a set of alarms for email notification 181 4 14 1 Example 1 subscribing only to one alarm load unprotected 181 4 14 2 Example 2 subscribing to all Critical alarms and some specific Warnings 182 4 15 Saving Restoring Duplicating Network module configuration settings 184 4 15 1 Modifying the JSON configuration settings file 184 4 15 2...

Page 6: ...s 217 7 3 1 Settings 217 7 3 2 Meters 227 7 3 3 Sensors alarm configuration 228 7 3 4 User profile 228 7 4 Access rights per profiles 230 7 4 1 Home 230 7 4 2 Meters 230 7 4 3 Controls 230 7 4 4 Protection 230 7 4 5 Environment 230 7 4 6 Settings 231 7 4 7 Maintenance 231 7 4 8 Legal information 232 7 4 9 Alarms 232 7 4 10 User profile 232 7 4 11 Contextual help 232 7 4 12 CLI commands 233 7 5 Lis...

Page 7: ...on has failed error message on Software 269 8 2 1 Symptoms 269 8 2 2 Possible cause 269 8 2 3 Action 269 8 3 Client server is not restarting 269 8 3 1 Symptom 269 8 3 2 Possible Cause 269 8 3 3 Action 270 8 4 EMP detection fails at discovery stage 270 8 4 1 Symptom 1 270 8 4 2 Symptom 2 270 8 5 How do I log in if I forgot my password 271 8 5 1 Action 271 8 6 Software is not able to communicate wit...

Page 8: ...Action 273 8 11 The Network Module fails to boot after upgrading the firmware 273 8 11 1 Possible Cause 273 8 11 2 Action 274 8 12 Web user interface is not up to date after a FW upgrade 274 8 12 1 Symptom 274 ...

Page 9: ...atonUPS into an RS 485 Modbus network and also provides isolation of the communication between the UPS and the RS 485 Modbus network Use the terminal strip on the Modbus Network Module to wire into a two wire network Packing materials must be disposed of in compliance with all local regulations concerning waste Recycling symbols are printed on the packing materials to facilitate sorting It is not ...

Page 10: ... be continuous on the entire length of the bus and should be connected to ground earth at only one point to limit the flow of ground loop currents in the shield caused by ground potential differences 2 3 3 Two wire networks Interconnect R with T and R with T on the Modbus Network Module terminal strip Connect the RS 485 network signal to the R or T on the Modbus Network Module terminal strip Conne...

Page 11: ...ode to the impedance of the transmission line being used When impedances are mismatched the transmitted signal is not completely absorbed by the load and a portion is reflected into the transmission line To enable the on board termination resistor 120Ω Locate the termination switch that is located on the top of the Modbus Network Module Belden 9843 24AWG or equivalent cabling 3 twisted pair shield...

Page 12: ... the Network Management Module 14 2 3 Peel off the protection Change the position of the termination switch according to your needs Switch position No termination default Termination for two wire networks One of the two position below can be used or ...

Page 13: ... IP address of the Network Module STEP 3 The login screen appears STEP 4 Enter the user name in the User Name field The default user name is admin STEP 5 Enter the password in the Password field The default password is admin STEP 6 The password must be changed at first login STEP 7 Click Login The Network Module web interface appears 2 4 2 Finding and setting the IP address 2 4 2 1 Your network is...

Page 14: ... server 2 4 2 2 1 Define from the configuration port The IP address can be defined by accessing the web interface through RNDIS To access web interface through RNDIS see the Accessing the web interface through RNDIS section Define the IP settings Navigate to Contextual help Settings Network Protocol IPV4 Select Manual Static IP Input the following information Address Subnet Mask Default Gateway Sa...

Page 15: ...area connection STEP 2 Right click on the RNDIS local area connection and select Properties STEP 3 Select Internet Protocol Version 4 TCP IPv4 and press the Properties button RNDIS driver is used to emulate a network connection from USB After the card is connected to the PC Windows OS will automatically search for the RNDIS driver On some computers the OS can find the RNDIS driver then configurati...

Page 16: ...Accessing the Network Module Installing the Network Management Module 18 STEP 4 Then enter the configuration as below and validate IP 169 254 0 150 and mask 255 255 0 0 click OK then click on Close ...

Page 17: ...work Management Module Accessing the Network Module Modifying the Proxy exception list section in the full documentation STEP 4 Launch a supported browser the browser window appears STEP 5 In the Address Location field enter https 169 254 0 1 the static IP address of the Network Module for RNDIS The log in screen appears STEP 6 Enter the user name in the User Name field The default user name is ad...

Page 18: ...llow exclamation mark implying that driver has not been installed follow the steps 4 5 6 7 otherwise configuration is OK STEP 4 Right click on it and select Update Driver Software When prompted to choose how to search for device driver software choose Browse my computer for driver software Select Let me pick from a list of device drivers on my computer STEP 5 Select the folder where you have previ...

Page 19: ... For more details refer to Information CLI section 2 4 5 Modifying the Proxy exception list To connect to the Network Module via a USB cable and your system uses a Proxy server to connect to the internet the proxy settings can reject the IP address 169 254 0 1 The 169 254 Sequence is used to set up communication with devices via a physical connection To activate this connection exceptions will hav...

Page 20: ...Accessing the Network Module Installing the Network Management Module 22 Select the Connections tab Press LAN Settings Press ADVANCED Add the address 169 254 ...

Page 21: ...vigate to Contextual help Settings Modbus and press the Supported MAPs button to download the MAPs 2 5 2 1 Mapping table content For Modbus RTU configuration refer to the section Contextual help Settings Modbus Modbus RTU For Modbus TCP configuration refer to the section Contextual help Settings Modbus Modbus TCP File is generated in real time and will take into account the device capabilities and...

Page 22: ...t device Value Shows current value of the register on current device 2 5 3 Modbus communication monitoring tool Access the CLI through SSH or the Serial terminal emulation Get available commands by typing in the CLI CLI commands can be used to retrieve Modbus communication statistics see Information CLI modbus_statistics section for more details 2 5 4 Example of supported Modbus mapping The follow...

Page 23: ...Configuring Modbus Installing the Network Management Module 25 ...

Page 24: ...Configuring Modbus Installing the Network Management Module 26 ...

Page 25: ...Configuring Modbus Installing the Network Management Module 27 ...

Page 26: ...Configuring Modbus Installing the Network Management Module 28 ...

Page 27: ...r 3 1 1 Logging in for the first time 3 1 1 1 1 Enter default password As you are logging into the Network Module for the first time you must enter the factory set default username and password Username admin Password admin 3 1 1 2 2 Change default password Changing the default password is mandatory and requested in a dedicated window Enter your current password first and then enter the new passwo...

Page 28: ...nagement Module Recovering main administrator password Web user interface is not up to date after a FW upgrade Symptom After an upgrade The Web interface is not up to date New features of the new FW are not displayed An infinite spinner is displayed on a tile Possible causes The browser is displaying the Web interface through the cache that contains previous FW data Action Empty the cache of your ...

Page 29: ...status information Battery status Provides battery status information 3 2 2 Menu structure Home Overview and status of the Device Active alarms Outlet status Meters Power quality meters and logs Controls Device and outlets control Protection Agents list Agents shutdown sequencing Shutdown on power outage Environment Commissioning Status Alarm configuration Information Settings Network Module setti...

Page 30: ...eparate browser page Alarms Open alarm page and displays the number of active alarms 3 2 3 Energy flow diagram 3 2 3 1 Line interactive UPS 3 2 3 2 Online UPS 3 2 3 3 Diagram elements description Description and symbols Description Possible states below the symbol Good Warning Fault ...

Page 31: ...load Rectifier Rectifier convert AC power to DC power Normal HE mode ready ESS mode ready In overload In short circuit In fault Battery Charger Battery and internal battery charger Battery OK Charger Charging Floating Resting Off Battery End of life Battery In fault Charger In fault Not present Inverter Inverter convert DC power to AC power Normal In overload In short circuit In fault Internal byp...

Page 32: ...w provides a summary of device identification information and nominal values Name Model P N S N Location Firmware version Input Voltage Input Frequency Output Voltage Output Frequency The COPY TO CLIPBOARD button will copy the information to your clipboard For example you can copy and paste information into an email 3 2 3 5 Show measures Provides input and output measures on the synoptic 3 2 3 5 1...

Page 33: ...ing on the UPS model Note To access Controls menu press the icon 3 2 5 Active Alarms Only active alarms are displayed the Alarms icon will also display the number of active alarms Alarms are sorted by date alert level time and description Note To see the alarm history press the icon 3 2 6 Environment Sensor status and data are displayed if available MIN MAX shows the minimal and maximal temperatur...

Page 34: ...Home Contextual help of the web interface 36 3 2 7 Energy flow diagram examples 3 2 7 1 Online UPS with single input source 3 2 7 1 1 Online mode 3 2 7 1 2 Bypass mode ...

Page 35: ...Home Contextual help of the web interface 37 3 2 7 1 3 Battery mode 3 2 7 1 4 Off mode ...

Page 36: ...Home Contextual help of the web interface 38 3 2 7 1 5 HE mode ESS mode 3 2 7 2 Online UPS with dual inputs sources and Maintenance bypass 3 2 7 2 1 Online mode ...

Page 37: ...Home Contextual help of the web interface 39 3 2 7 2 2 Bypass mode 3 2 7 2 3 Battery mode ...

Page 38: ...Home Contextual help of the web interface 40 3 2 7 2 4 HE mode ESS mode 3 2 7 2 5 Maintenance bypass mode 3 2 8 Access rights per profiles Administrator Operator Viewer Home ...

Page 39: ...3 3 1 Main utility input Displays the product main utility measures Current A Voltage V For other access rights see the Information Access rights per profiles section Gauge color code Green Value inside thresholds Orange Red Value outside thresholds Grey No thresholds provided by the device ...

Page 40: ...eters Contextual help of the web interface 42 3 3 2 Second utility input if available If presents displays the product second utility measures Current A Voltage V 3 3 3 Output Voltage V Power W Current A ...

Page 41: ...nformation 3 3 4 1 Overview Environment Type Nominal capacity Nominal voltage Capacity remaining Runtime State Recommended replacement date State of health Voltage Current Temperature Min cell voltage Max cell voltage Number of cycles Min temperature Max temperature BMS state The information displayed depends on the device ...

Page 42: ...battery test result as well as its critical status color and completion time Pass Warning Fail Unknown 3 3 5 1 Commands Launch test button is disabled if a battery test is already in progress or scheduled The Abort test button is enabled only when a test is in progress or scheduled 3 3 5 2 Pending action The pending action reflects the battery test status None Scheduled In progress Aborted Done ...

Page 43: ...utput Frequency Hz Output Current A Output Apparent Power VA Output Active Power W Output Power Factor Output Percent Load Battery Voltage V Battery Capacity Battery Remaining Time s 3 3 7 Default settings and possible parameters Meters Default setting Possible parameters Meters Logs Log measures every 60s Log measures every 3600s maximum 3 3 7 1 For other settings The sensors measures logs acquis...

Page 44: ...he following is a list of potential table values that are displayed based on the UPS topology On Protected Not protected Off Not powered Not protected 3 4 1 2 Commands A set of commands are available and activated when one of the following buttons is pressed A confirmation window appears Safe OFF This will shut off the load Protected applications will be safely powered down This control is availab...

Page 45: ...flects the current outlet status On Protected Not protected Off Not powered 3 4 2 2 Commands A set of commands are available and activated when one of the following buttons is pressed A confirmation window appears Safe OFF This will shut off the load connected to the associated load segment Protected applications are safely powered down This control is available only if the status is not OFF and i...

Page 46: ... the user manual of the UPS and its instructions on how to configure the UPS settings and allow remote commands Possible Cause 1 Remote commands are not allowed due to the UPS configuration see the action below 2 The UPS does not support remote commands Action Refer to the UPS user manual and its instruction on how to configure the UPS settings and allow remote commands Example UPS menu Settings O...

Page 47: ...matically trusted and accepted After automatic acceptance make sure that all listed agents belong to your infrastructure If not access may be revoked using the Delete button For maximum security Eaton recommend following one of the two methods on the certificate settings page Import client certificates manually Generate trusted certificate for both clients and Network Module using your own PKI 3 5...

Page 48: ... 5 1 3 Actions 3 5 1 3 1 Delete When communication with the agent is lost agent can be deleted by using the Delete button Select an agent and press the Delete button to delete the agent 3 5 1 4 Access rights per profiles Administrator Operator Viewer Protection Agent list 3 5 1 4 1 For other access rights When the agent is connected the Delete function will not work correctly because the agent wil...

Page 49: ...shows the error message The full data acquisition has failed even if the credentials are correct Possible cause The Network module timestamp is not correct Probably the MQTT certificate is not valid at Network module date Action Set the right date time and timezone If possible use a NTP server refer to Contextual help Settings General System details Time date settings section ...

Page 50: ...k Module On a network computer launch a supported web browser The browser window appears In the Address Location field enter https xxx xxx xxx xxx where xxx xxx xxx xxx is the static IP address of the Network Module The log in screen appears Enter the user name in the User Name field Enter the password in the Password field Click Login The Network Module web interface appears STEP 2 Navigate to Se...

Page 51: ...ts and press the Start button and Continue During the selected timeframe new agent connections to the Network Module are automatically trusted and accepted STEP 4 Action on the agent IPP IPM while the time to accepts new agents is running on the Network Module Remove the Network module certificate file s 0 that is are located in the folder Eaton IntelligentPowerProtector configs tls Client server ...

Page 52: ...Protection Contextual help of the web interface 54 3 5 2 Agent shutdown sequencing 3 5 2 1 Agent shutdown sequence timing ...

Page 53: ...n The tables include the following details Name Delay in seconds OS shutdown duration in seconds 3 5 2 2 Actions 3 5 2 2 1 Set Delay Select and directly change the setting in the table and then Save 3 5 2 2 2 Set OS shutdown duration Select and directly change the setting in the table and then Save 3 5 2 3 Examples Examples below show the impact of agent settings on the shutdown sequence for a shu...

Page 54: ...Protection Contextual help of the web interface 56 3 5 2 3 1 Example 1 Shutdown time 210s 10s 220s Immediate shutdown time 120s 10s 130s ...

Page 55: ...180s 10s 190s Immediate shutdown time 180s 10s 190s The trigger in the diagram is the moment when the shutdown sequence starts and it is defined in the Contextual help Protection Scheduled shutdown or the Contextual help Protection Shutdown on power outage sections for each power source ...

Page 56: ...arios are defined for any of the connected servers or appliances they will be triggered before the corresponding outlets are turned off as configured in shutdown settings 3 5 3 1 Scheduled shutdown table The table displays the scheduled shutdowns and includes the following details Recurrence Once Every day Every week Load segment Primary Group 1 Group 2 Shutdown time Date Time Restart time Date Ti...

Page 57: ...ion is not allowed by the UPS To enable it please refer to the user manual of the UPS and its instructions on how to configure the UPS settings and allow remote commands Possible Cause 1 Remote commands are not allowed due to the UPS configuration see the action below 2 The UPS does not support remote commands Action Refer to the UPS user manual and its instruction on how to configure the UPS sett...

Page 58: ...and schedule shutdown actions so that the IT system is powered down in the correct order For example applications first database servers next and storage last It is also possible to turn off some outlets to reduce power consumption and get longer battery runtime for the most important devices 3 5 4 1 Shutdown on power outage criteria For examples on Powering down applications see the Servicing the...

Page 59: ... To initiate the shutdown sequence when on battery for 10 seconds To initiate the sequence when the battery reaches the set capacity in To initiate or end the shutdown sequence after the set time in s before the end of backup time When there are several conditions to start the shutdown sequence the shutdown sequence will start as soon as one of the condition is reached d Settings examples All the ...

Page 60: ...Protection Contextual help of the web interface 62 Shutdown time 210s Example 1 Maximize availability Example 2 Immediate OFF ...

Page 61: ...Protection Contextual help of the web interface 63 Example 4 Custom ...

Page 62: ...Protection Contextual help of the web interface 64 Settings 1 Settings 2 ...

Page 63: ...ence when utility comes back For example this allows sequential startup of the IT system so that network and storage devices are connected to Primary and start up immediately After a delay database servers in Group1 are powered up and then application and web servers in Group 2 are powered up This startup would ensure that necessary services would be available for each layer when needed A sequenti...

Page 64: ...s not allowed by the UPS To enable it please refer to the user manual of the UPS and its instructions on how to configure the UPS settings and allow remote commands Possible Cause 1 Remote commands are not allowed due to the UPS configuration see the action below 2 The UPS does not support remote commands Action Refer to the UPS user manual and its instruction on how to configure the UPS settings ...

Page 65: ...commissioning information and includes the following details Name Location location position elevation Temperature Humidity Dry contact 1 Status and name Dry contact 2 Status and name Communication Connected Lost with dates 3 6 1 2 Actions 3 6 1 2 1 Download sensors measures Press the Download sensors measures button to download the sensors log file If available possible measures are listed below ...

Page 66: ... sensor 3 6 1 2 4 Define offsets 1 Select the sensors 2 Press the Define offset button to adjust the temperature and humidity offsets of the selected sensors 3 Extend the temperature or humidity section 4 Set the offsets in the cell temperatures and humidity will be updated accordingly 5 Press the Save button when done C K 273 15 F K x 9 5 459 67 When a sensor is deleted all the commissioning info...

Page 67: ...art number Serial number Name Location Temperature and humidity Active Yes No Dry contacts Active Yes No Name Polarity Normally open Normally closed The dry contact is close and this is normal because it is configured as normally close The dry contact is open and this is normal because it is configured as normally open The dry contact is open and this is not normal because it is configured as norm...

Page 68: ...es Administrator Operator Viewer Environment Commissioning Environment Status 3 6 1 4 1 For other access rights Deactivated dry contacts are not displayed and replaced by this icon If the UPS provides temperature compensated battery charging option see the Servicing the EMP Using the EMP for temperature compensated battery charging section For other access rights see the Information Access rights ...

Page 69: ... EMP to the device and Servicing the EMP Installing the EMP Daisy chaining 3 EMPs 2 Disconnect and reconnect the USB to RS485 cable 3 Launch the discovery if it is still not ok go to Action 1 3 Action 1 3 1 Reboot the Network module 2 Launch the discovery Symptom 2 The EMPs orange RJ45 LEDs are not blinking Possible causes C 1 the EMP address switches are all set to 0 C 2 the EMPs are daisy chaine...

Page 70: ...l threshold xx C or xx F Low warning threshold xx C or xx F High warning threshold xx C or xx F High critical threshold xx C or xx F Hysteresis x C or x F Visual update Live reading MIN MAX shows the minimal and maximal temperature measured by the sensor 3 6 2 1 1 Actions a Set Enabled Select and directly change the setting in the table and then Save For details on other issues see the Troubleshoo...

Page 71: ...me Location Enabled yes no Low critical threshold xx Low warning threshold xx High warning threshold xx High critical threshold xx Hysteresis x Visual update Live reading MIN MAX shows the minimal and maximal humidity measured by the sensor 3 6 2 2 1 Actions a Set Enabled Select and directly change the setting in the table and then Save When disabled no alarm will be sent b Set alarm threshold Ena...

Page 72: ...sabled no alarm will be sent b Set alarm severity Enable the alarm first and then change the setting in the table and then Save When the dry contacts is not in a normal position an alarm will be sent at the selected level The dry contact is open and this is not normal because it is configured as normally close The dry contact is close and this is not normal because it is configured as normally ope...

Page 73: ...g high warning high critical 100 Dry contacts Enabled No Alarm severity Warning Enabled No Yes Alarm severity Info Warning Critical 3 6 2 4 1 For other settings 3 6 2 5 Access rights per profiles Administrator Operator Viewer Environment Alarm configuration 3 6 2 5 1 For other access rights 3 6 3 Information Sensor information is an overview of all the sensors information connected to the Network ...

Page 74: ... Vendor Part number Firmware version UUID Serial number Location 3 6 3 1 Access rights per profiles Administrator Operator Viewer Environment Information 3 6 3 1 1 For other access rights For other access rights see the Information Access rights per profiles section ...

Page 75: ...Text field that is used to provide the system name information Card system information is updated to show the system name 3 7 1 1 4 Time date settings The current date and time appears in the footer at the bottom of the screen You can set the time either manually or automatically a Manual Manually entering the date and time 1 Select the time zone for your geographic area from the time zone pull do...

Page 76: ...tails Configuration name Email address Notification updates Displays Events notification Periodic report icons when active Status Active Inactive In delegation 3 7 1 2 2 Actions a Add Press the New button to create a new email sending configuration b Remove Select an email sending configuration and press the Delete button to remove it DST is managed based on the time zone For examples on email sen...

Page 77: ...ss Status Active Inactive Hide the IP address from the email body Disabled Enabled This setting will be forced to Enabled if Enabled in the SMTP settings Schedule report Active Recurrence Starting Topic selection Card Devices Alarm notifications Severity level Attach logs Exceptions on events notification Attachment will contains only logs that have occurred during the recurrence ...

Page 78: ...Settings Contextual help of the web interface 80 3 7 1 3 SMTP settings SMTP is an internet standard for electronic email transmission The following SMTP settings are configurable ...

Page 79: ...rope Paris Location 31 characters maximum Contact 255 characters maximum System name 255 characters maximum Time date settings Manual Time zone selection on map Date Dynamic NTP Email notification settings No email 5 configurations maximum Custom name 128 characters maximum Email address 128 characters maximum Hide IP address from the email body enable disabled Status Active Inactive Alarm notific...

Page 80: ... from the email body enable disabled Secure SMTP connection enable disable Verify certificate authority disable enable 3 7 1 4 1 For other settings 3 7 1 5 Access rights per profiles Administrator Operator Viewer General 3 7 1 5 1 For other access rights 3 7 1 6 CLI commands email test Description mail test sends test email to troubleshoot SMTP issues Help Usage email test command Test SMTP config...

Page 81: ...int display date and time in YYYYMMDDhhmmss format s set mode Mode values set date and time format YYYYMMDDhhmmss manual date and time set preferred and alternate NTP servers ntpmanual preferred server alternate server automatically set date and time ntpauto Examples of usage Set date 2017 11 08 and time 22 00 time set manual 201711082200 Set preferred and alternate NTP servers time set ntpmanual ...

Page 82: ... to create up to ten new users b Remove Select a user and press the Delete button to remove it c Edit Press the pen logo to edit user information You will get access to the following settings Active Profile Username Full name Email Phone Organization Notify by email about account modification Password Reset password Generate randomly Enter manually Force password to be changed on next login See th...

Page 83: ... Password settings To set the password strength rules apply the following restrictions Minimum length Minimum upper case Minimum lower case Minimum digit Special character Password expiration To set the password expiration rules apply the following restrictions Number of days until password expires ...

Page 84: ...nable 0 32 disable Password expiration Number of days until password expires disabled Main administrator password never expires disabled Number of days until password expires disable enable 1 99999 Main administrator password never expires disable enable Lock account Lock account after xx invalid tries disabled Main administrator account never blocks disabled Lock account after xx invalid tries di...

Page 85: ...ters maximum Email 128 characters maximum Phone 64 characters maximum Organization 128 characters maximum 3 7 2 2 1 For other settings 3 7 2 3 Access rights per profiles Administrator Operator Viewer Local users 3 7 2 3 1 For other access rights 3 7 2 4 CLI commands whoami Description whoami displays current user information Username Profile Realm For other settings see the Information Default set...

Page 86: ... forgot my password Action Ask your administrator for password initialization If you are the main administrator your password can be reset manually by following steps described in the Servicing the Network Management Module Recovering main administrator password 3 7 2 5 1 For other issues See the CLI commands in the Information CLI section For details on other issues see the Troubleshooting sectio...

Page 87: ...wing details Name Address Port Security Certificate Status Status could take following values Unreachable Active 3 7 3 1 1 Actions a Configure 1 Press Configure to access the following LDAP settings Active Base access Security SSL None Start TLS SSL Verify server certificate Primary server Name Hostname Port Secondary server Name Hostname Port ...

Page 88: ...ibute UID attribute Group base DN Group name attribute GID attribute 2 Click Save b Profile mapping 1 Press Profile mapping to map remote groups to local profiles 2 Click Save c Users preferences For the list of access rights per profile refer to the section Full documentation Information Access rights per profiles All users preferences will apply to all remote users LDAP RADIUS ...

Page 89: ...t Time format 2 Click Save 3 7 3 2 RADIUS The table shows all the supported severs and includes the following details Name descriptive name for the RADIUS server Address hostname or IP address for the RADIUS server Status whether the RADIUS server is active or inactive Radius is not a secured protocol for a maximum security it is recomended to use LDAP over TLS ...

Page 90: ... address for the RADIUS server UDP port the UDP port for the RADIUS server 1812 by default Time out s length of time the client waits for a response from the RADIUS server Secondary server Name descriptive name for the RADIUS server Secret a shared secret between the client and the RADIUS server Address hostname or IP address for the RADIUS server UDP port the UDP port for the RADIUS server 1812 b...

Page 91: ... Profile mapping to map RADIUS profile to local profiles 2 Click Save c Users preferences For the list of access rights per profile refer to the section Full documentation Information Access rights per profiles All users preferences will apply to all remote users LDAP RADIUS ...

Page 92: ...ace 94 1 Press Users preferences to define preferences that will apply to all LDAP users Language Temperature Date format Time format 2 Click Save 3 7 3 3 Default settings and possible parameters Remote users Default setting Possible parameters ...

Page 93: ...ificate disabled enabled Primary server Name 128 characters maximum Hostname 128 characters maximum Port x xxx Secondary server Name 128 characters maximum Hostname 128 characters maximum Port x xxx Credentials Anonymous search bind disabled enabled Search user DN 1024 characters maximum Password 128 characters maximum Search base Search base DN 1024 characters maximum Request parameters User base...

Page 94: ... characters maximum UDP port 1 to 65535 Time out 3 to 60 Secondary server Name 128 characters maximum Address 128 characters maximum Secret 128 characters maximum UDP port 1 to 65535 Time out 3 to 60 Users preferences Language English French German Italian Japanese Russian Simplified Chinese Spanish Traditional Chinese Temperature unit C Celsius Date format MM DD YYYY Time format hh mm ss 24h 3 7 ...

Page 95: ...login to the card username Remote username to test p primary Force the test to use primary server optional s secondary Force the test to use secondary server optional v verbose Print the exchanges with LDAP server optional ldap test checkmappedgroups primary secondary v Check LDAP mapping p primary Force the test to use primary server optional s secondary Force the test to use secondary server opt...

Page 96: ... do I log in if I forgot my password Action Ask your administrator for password initialization If you are the main administrator your password can be reset manually by following steps described in the Servicing the Network Management Module Recovering main administrator password LDAP configuration commissioning is not working Refer to the section Servicing the Network Management Module Commissioni...

Page 97: ...7 4 Network Protocol 3 7 4 1 Network 3 7 4 1 1 IPv4 Press the Edit button to configure the network settings select either the Manual or DHCP settings option For details on other issues see the Troubleshooting section Any modifications are applied after the Network Module reboots ...

Page 98: ...tifies the class of the sub network the Network Module is connected to Enter the gateway address The gateway address allows connections to devices or hosts attached to different network segments b DHCP Select dynamic DHCP to configure network parameters by a BootP or DHCP server If a response is not received from the server the Network Module boots with the last saved parameters from the most rece...

Page 99: ...help of the web interface 101 3 7 4 1 2 IPv6 IPV6 status and the first three addresses are displayed Press the Edit button to configure the network settings and get more information and access to the following IPV6 details ...

Page 100: ...Enabled Mode Manual DHCP Address Prefix Gateway 3 7 4 1 3 DNS DHCP The DNS is a hierarchical decentralized naming system for computers services or other resources connected to the Internet or a private network Press the Edit button to configure the network settings select either the Static or Dynamic settings ...

Page 101: ...DNS server Enter the IP address of the DNS server that provides the translation of the domain name to the IP address Secondary DNS server Enter the IP address of the secondary DNS server that provides the translation of the domain name to the IP address when the primary DNS server is not available b DHCP Enter the Network Module Hostname ...

Page 102: ...N configuration are listed below Auto negotiation 10Mbps Half duplex 10Mbps Full duplex 100Mbps Half duplex 100Mbps Full duplex 1 0 Gbps Full duplex Any modifications are applied after the next Network Module reboot 3 7 4 2 Protocol This tab contains settings for communication protocols used to get information from the device through the network such as https for web browser ...

Page 103: ... https is 443 For additional security the ports can be changed on this page Press Save after modifications 3 7 4 2 2 Syslog a Settings This screen allows an administrator to configure up to two syslog servers To configure the syslog server settings 1 Enable syslog Since only https is available port 80 is not supported ...

Page 104: ...ctive drop down list to activate the server Enter the Hostname and Port Select the Protocol UDP TCP In TCP select the message transfer method Octet counting Non transparent framing Select the option Using Unicode BOM if needed Press Save after modifications 3 7 4 3 Remote Monitoring Services This tile allows an administrator to configure and enable the Remote monitoring services on the Network Mod...

Page 105: ... the remote monitoring connection settings 1 Enable the Remote monitoring services 2 Configure the Proxy if needed 3 Configure Advanced settings if so advised by Eaton service support and Save after modifications 4 Save after modifications a disclaimer will appear ...

Page 106: ...Monitoring Services DNS is set correctly Proxy is set correctly Certificate verification is OK Pending approval The Network Module is connected to the Remote Monitoring Services but not registered to it The Network Module must be registered by Eaton service team in the Remote Monitoring Services Connection lost The Network Module has lost the connection to the Remote Monitoring Services and will t...

Page 107: ... to check with your network administrator Proxy does not use a custom certificate to intercept traffic Troubleshooting Reboot the Network Module if above checking is OK and contact the service representative if it still is not working Invalid credentials The Network Module connection to the Remote Monitoring Services has failed Authentication has failed The Network Module is using invalid username...

Page 108: ...ransparent framing Using unicode byte order mask BOM disabled Server 2 Name empty Status Disabled Hostname empty Port 514 Protocol UDP Message transfer method DIsabled in UDP Using unicode byte order mask BOM disabled Inactive Active Server 1 Name 128 characters maximum Status Disabled Enabled Hostname 128 characters maximum Port x xxx Protocol UDP TCP Message transfer method Non transparent frami...

Page 109: ...lp of the web interface 111 3 7 4 5 Access rights per profiles Administrator Operator Viewer Network Protocols 3 7 4 5 1 For other access rights For other access rights see the Information Access rights per profiles section ...

Page 110: ... Viewer and Operator profiles netconf h Usage netconf OPTION Display network information and change configuration h help display help page l lan display Link status and MAC address 4 ipv4 display IPv4 Mode Address Netmask and Gateway 6 ipv6 display IPv6 Mode Addresses and Gateway d domain display Domain mode FQDN Primary and Secondary DNS For Administrator profile ...

Page 111: ...ain mode Mode values set custom Network address Netmask and Gateway manual domain name primary DNS secondary DNS automatically set Domain name Primary and Secondary DNS dhcp i set ipv4 mode Mode values set custom Network address Netmask and Gateway manual network mask gateway automatically set Network address Netmask and Gateway dhcp x set ipv6 status Status values enable IPv6 enable disable IPv6 ...

Page 112: ...tagram to elicit an ICMP ECHO_RESPONSE from a host or gateway ECHO_REQUEST datagrams pings have an IP and ICMP header followed by a struct timeval and then an arbitrary number of pad bytes used to fill out the packet c Specify the number of echo requests to be sent h Specify maximum number of hops Hostname or IP Host name or IP address ping6 The ping6 utility uses the ICMP protocol s mandatory ECH...

Page 113: ...IPv6 address IPv6 address 3 7 4 6 1 For other CLI commands 3 7 5 SNMP This tab contains settings for SNMP protocols used for network management systems 3 7 5 1 SNMP tables See the CLI commands in the Information CLI section Changes to authentication settings need to be confirmed by entering a valid password for the active user account The default port for SNMP is 161 and normally this should not b...

Page 114: ...ndard IETF UPS MIB RFC 1628 Sensor MIB Press the Supported MIBs button to download the MIBs 3 7 5 1 1 Settings This screen allows an administrator to configure SNMP settings for computers that use the MIB to request information from the Network Module Default ports for SNMP are 161 SNMP v1 and v3 set get and 162 traps These ports can be changed on the settings screen for additional security To con...

Page 115: ...n either Read Only or Read Write account to access settings 2 Enter the SNMP Community Read Only string The Network Module and the clients must share the same community name to communicate 3 Select Active in the Enabled drop down list to activate the account 4 Access level is set to display information only ...

Page 116: ...vate the account 4 Select access level Read only The user does not use authentication and privacy to access SNMP variables Read Write The user must use authentication but not privacy to access SNMP variables 5 Select the communication security mechanism Auth Priv Communication with authentication and privacy Auth No Priv Communication with authentication and without privacy No Auth No Priv Communi...

Page 117: ...n security mechanism select the Privacy algorithms AES fill in password and privacy keys The password can be between 8 and 24 characters and use a combination of alphanumeric and the following special characters _ AES192 fill in password and privacy keys The password can be between 8 and 24 characters and use a combination of alphanumeric and the following special characters _ AES256 fill in passw...

Page 118: ...3 3 Press the SAVE button b Remove Select a trap receiver and press the Delete button to remove it c Edit Press the pen icon to edit trap receiver information and access to its settings d Test trap Press the Test trap button to send the trap test to all trap receivers Separate window provides the test status with following values In progress Request successfully sent invalid type For details on SN...

Page 119: ...xx SNMP V1 disable enable Community 1 128 characters maximum Enabled Inactive Active Access Read only Community 2 128 characters maximum Enabled Inactive Active Access Read Write SNMP V3 disable enable User 1 32 characters maximum Enabled Inactive Active Access Read only Read Write Authentication Auth SHA 1 None Password 128 characters maximum Confirm password 128 characters maximum Privacy Secure...

Page 120: ...ectivity is not properly working after a restore settings on a 1 7 0 version or above Cause The SNMPv3 was configured prior to 1 7 0 In that case SNMPv3 configuration is not well managed by the Save and by the Restore settings Action Reconfigure your SNMPv3 users and passwords on versions 1 7 0 or above and Save the settings The SNMPv3 configuration can then be Restored 3 7 5 6 1 For other issues ...

Page 121: ...rable Enable Baud rate Parity Stop bits This section is only for the Modbus Network ModuleINDGW For instructions on connecting Modbus RTU see the section Installing the Network Management Module Wiring the RS 485 Modbus RTU terminal Configuring the termination For instructions on configuring Modbus see the section Installing the Network Management Module Configuring Modbus ...

Page 122: ... table The table shows all the mapping configuration and includes the following details Custom name MAP Transport Access Illegal read IP filtering Coil register base address shift b Actions Add Press the New button to create new mapping configuration Remove Select a mapping configuration and press the Delete button to remove it Edit Press the pen logo to edit mapping configuration ...

Page 123: ...nterface 125 You will get access to the following settings Custom name MAP Transport Device ID Access Illegal read behaviour Coil register base address shift IP filtering Supported MAPs Press the Supported MAPs button to download the MAPs ...

Page 124: ...or displayed Enable BACnet IP Device Id Must be unique in BACnet network Automatically generated from Ethernet MAC address to prevent collisions Device Name Must be unique in BACnet network Automatically generated from manufacturer name and serial number to prevent collisions Device connection control password Password is required with DCC commands if it has not been configured then these commands...

Page 125: ...200 2400 4800 9600 19200 38400 57600 115200 Parity None Even Odd Stop bits 1 2 Modbus TCP Modbus TCP Inactive Port 502 Modbus TCP Inactive Active Port x xxx Mapping configuration No mapping Custom name 128 characters maximum Map Eaton ModbusMS compatible Eaton PowerXpert UID 0 compatible Card System Information Transport RTU TCP Access None Read only Read Write Illegal read behaviour Return except...

Page 126: ...onnection control password 6 20 characters maximum Local port 1 65535 characters maximum as all the other UDP and TCP ports MAC address MAC address format Broadcast management device Inactive Active BBMD BACnet IP device IP address format BBMD Time to live 30 1800 seconds 3 7 6 3 1 For other settings 3 7 6 4 Access rights per profiles Administrator Operator Viewer Industrial protocols Modbus Indus...

Page 127: ...s the server and displays Modbus message This command allow you to verifiy that Modbus server is working as expected Help modbus_message_display help Restart server and display modbus message h Restart server and display modbus message For other access rights see the Information Access rights per profiles section This section is only for the Modbus Network Module INDGW ...

Page 128: ...ge count CRC error count Incoming message count Discarded message count Processed message count Success returned count Exception returned count Help modbus_statistics Display modbus server statistics h help Display the help page r reset Reset modbus server statistics The counter from A1 1 to A1 4 are reset only at startup of the server 3 7 6 5 1 For other CLI commands This section is only for the ...

Page 129: ...o the section Installing the Network Management Module Wiring the RS 485 Modbus RTU terminal Four wire networks If the Modbus Card is the last device installed in the network chain or the length of the network cable is excessive termination needs to be enabled Verify the termination settings and refer to the section Installing the Network Management Module Wiring the RS 485 Modbus RTU terminal Con...

Page 130: ... secured and trusted network For maximum security we recommend following one of the two methods on the certificate settings page Import agent s certificates manually Generate trusted certificate for both agents and Network Module using your own PKI 3 7 7 1 1 Actions a Start Starts the pairing window during the selected timeframe or until it is stopped Time countdown is displayed b Stop Stops the p...

Page 131: ...and then press the Revoke button A confirmation window appears press Continue to proceed this operation cannot be recovered b Export Exports the selected certificate on your OS browser window c Configure issuer Press the Configure issuer button A configuration window appears to edit issuer data Revoke will replace current certificate by a new self signed certificate This may disconnect connected a...

Page 132: ...the following Certificate summary Actions Generate a new self signed certificate Generate CSR Import certificate only available when CSR is generated Details e Generate a new self signed certificate To replace a selected certificate with a new self signed certificate This may disconnect applications such as a Web browser shutdown application or monitoring application Issuer configuration will be a...

Page 133: ... signed by the CA it can be imported into the Network Module When the import is complete the new local certificate information is displayed in the table 3 7 7 3 Certificate authorities CA Manages CAs 3 7 7 3 1 CA table The table displays certificate authorities with the following details Used for Issued by Issued to Valid from Expiration Status valid expires soon or expired 3 7 7 3 2 Actions a Imp...

Page 134: ...om Expiration In case a certificate expires the connection with the client will be lost If this happens the user will have to recreate the connection and associated certificates Status valid expires soon or expired 3 7 7 4 1 Actions a Import When importing the client certificate you must select the associated service and then upload process can begin through the OS browser window b Revoke Select t...

Page 135: ... code State or Province 64 characters maximum City or Locality 64 characters maximum Organization name 64 characters maximum Organization unit 64 characters maximum Contact email address 64 characters maximum 3 7 7 5 1 For other settings 3 7 7 6 Access rights per profiles Administrator Operator Viewer Certificate 3 7 7 6 1 For other access rights For other settings see the Information Default sett...

Page 136: ...ICE_NAME export over SSH sshpass p PASSWORD ssh USER CARD_ADDRESS certificates local export SERVICE_NAME import over SSH cat FILE sshpass p PASSWORD ssh USER CARD_ADDRESS certificates local import SERVICE_NAME csr over SSH sshpass p PASSWORD ssh USER CARD_ADDRESS certificates local csr mqtt From a Windows host plink tools from putty is required print over SSH plink USER CARD_ADDRESS pw PASSWORD ba...

Page 137: ...rface 139 CARD_ADDRESS is IP or hostname of the card FILE is a certificate file SERVICE_NAME is the name one of the following services mqtt syslog webserver 3 7 7 7 1 For other CLI commands See the CLI commands in the Information CLI section ...

Page 138: ...k if the IPP IPM certificate validity for the Network Module STEP 1 Connect to the Network Module On a network computer launch a supported web browser The browser window appears In the Address Location field enter https xxx xxx xxx xxx where xxx xxx xxx xxx is the static IP address of the Network Module The log in screen appears Enter the user name in the User Name field Enter the password in the ...

Page 139: ...tion on the agent IPP IPM while the time to accepts new agents is running on the Network Module Remove the Network module certificate file s 0 that is are located in the folder Eaton IntelligentPowerProtector configs tls Card wrong timestamp leads to Full acquisition has failed error message on Software Symptoms IPP IPM shows the error message The full data acquisition has failed even if the crede...

Page 140: ...hysical name Vendor UUID Part number Serial number Hardware version Location Contact MAC address 3 8 1 2 Firmware information Version SHA Build date Installation date Activation date Bootloader version 3 8 1 3 Access rights per profiles Administrator Operator Viewer System information 3 8 1 3 1 For other access rights 3 8 2 Firmware 3 8 2 1 Update firmware Monitors the information for the two embe...

Page 141: ... Module does not monitor the Device status To upgrade the firmware 1 Download the latest firmware version from the website For more information see the Servicing the Network Management Module Accessing to the latest Network Module firmware driver section 2 Click Upload 3 Click Choose file and select the firmware package by navigating to the folder where you saved the downloaded firmware 4 Click Up...

Page 142: ...umber 3 8 2 4 1 For other CLI commands Do not close the web browser or interrupt the operation Depending on your network configuration the Network Module may restart with a different IP address Refresh the browser after the Network module reboot time to get access to the login page Press F5 or CTRL F5 to empty the browser to get all the new features displayed on the Web user interface Communicatio...

Page 143: ...fer to Installing the Network Management Module Accessing the Network Module Finding and setting the IP address section Web user interface is not up to date after a FW upgrade Symptom After an upgrade The Web interface is not up to date New features of the new FW are not displayed An infinite spinner is displayed on a tile Possible causes The browser is displaying the Web interface through the cac...

Page 144: ...restarting the network module operating system To reboot the Network Module Click Reboot A confirmation message displays click Reboot to confirm the reboot time will take approximately less than 2min For details on default settings see the Information Default settings parameters section Depending on your network configuration the Network Module may restart with a different IP address Only main adm...

Page 145: ...ork configuration the Network Module may restart with a different IP address Refresh the browser after the Network module reboot time to get access to the login page Communication Lost and Communication recovered may appear in the Alarm section For more details navigate to Servicing the Network Management Module Saving Restoring Duplicating section ...

Page 146: ...e to cypher the sensitive data 3 Click on Save 3 8 3 1 5 Restore To restore the Network module settings 1 Click on Restore 2 Select to include the Network settings if needed 3 Enter the passphrase used when the file was saved Below settings are not saved Local users other than the main administratorSensor settings commissioning alarm configuration Restoring settings may result in the Network modul...

Page 147: ...s with the network module It is not intended for the user which is why the file is protected by a password To download the maintenance report file Click Download report A confirmation message displays Maintenance report file successfully downloaded 3 8 3 2 Access rights per profiles Administrator Operator Viewer Services 3 8 3 2 1 For other access rights For other access rights see the Information...

Page 148: ...a maintenance report file which may be handed to the technical support Help maintenance cr Create maintenance report file h help Display help page reboot Description Tool to Reboot the card Help Usage reboot OPTION cr Reboot the card help Display help withoutconfirmation Reboot the card without confirmation ...

Page 149: ... p PASSWORD ssh USER CARD_ADDRESS save_configuration p PASSPHRASE FILE Restore over SSH cat FILE sshpass p PASSWORD ssh USER CARD_ADDRESS restore_configuration p PASSPHRASE From a Windows host Save over SSH plink USER CARD_ADDRESS pw PASSWORD batch save_configuration p PASSPHRASE FILE Restore over SSH type FILE plink USER CARD_ADDRESS pw PASSWORD batch restore_configuration p PASSPHRASE Require pl...

Page 150: ...d without confirmation cr Do factory reset of the card 3 8 3 3 1 For other CLI commands 3 8 4 Resources Card resources is an overview of the Network Module processor memory and storage information The COPY TO CLIPBOARD button will copy the information to your clipboard so that it can be past For example you can copy and paste information into an email 3 8 4 1 Processor Used in Up since date See th...

Page 151: ...153 3 8 4 2 Memory Total size in MB Available size in MB Application size in MB Temporary files size in MB 3 8 4 3 Storage Total size in MB Available size in MB Used size in MB 3 8 4 4 Access rights per profiles Administrator Operator Viewer Resources ...

Page 152: ...tarted Ram total MB free MB used MB tmpfs temporary files usage MB Flash user data total MB free MB used MB Help systeminfo_statistics Display systeminfo statistics h help Display the help page 3 8 4 5 1 For other CLI commands 3 8 5 System logs 3 8 5 1 System logs There are 4 types of logs available Update Account Session System For other access rights see the Information Access rights per profile...

Page 153: ...ts that are either licensed under various open source license or under a proprietary license 3 9 1 Component All the open source components included in the Network Module are listed with their licenses 3 9 2 Availability of source code Provides the way to obtain the source code of open source components that are made available by their licensors For the list of system logs see the Information Syst...

Page 154: ...proprietary elements Provides notice for our proprietary i e non Open source elements 3 9 4 Access rights per profiles Administrator Operator Viewer Legal information 3 9 4 1 For other access rights For other access rights see the Information Access rights per profiles section ...

Page 155: ...ve alarm counter 3 10 3 Alarm details All alarms are displayed and sorted by date with alert level time description and status Info Warning Critical logo Alarm description text Active In color In bold with Active label Opened In color Closed Greyed Alarms with a severity set as Good are not taken into account into the counter of active alarms ...

Page 156: ...the Export button to download the file 3 10 6 Clear Press the Clear button to clear alarms that are older than a specified date and up to a defined severity 3 10 7 Alarms list with codes To get access to the Alarm log codes or the System log codes for email subscription see sections below System log codes UPS HID alarm log codes 9130 UPS XCP alarm log codes EMP alarm log codes Network module alarm...

Page 157: ...indow 3 11 2 User profile This page displays the current username with its realm local remote and allows to Change passwords Edit account and Log out For other access rights see the Information Access rights per profiles section This page is in read only mode when connected through LDAP and it displays the preferences applied to all LDAP users as configured in the Contextual help Settings Remote u...

Page 158: ...e web interface 160 3 11 2 1 Change password Click on Change password to change the password In some cases it is not possible to change the password if it has already been changed within a day period Refer to the troubleshooting section ...

Page 159: ... Edit account to edit user profile and update the following information Account details Full name Email Phone Organization Preferences Language Date format Time format Temperature 3 11 2 3 Edit account Click Log out to close the session 3 11 3 Default settings and possible parameters User profile Default setting Possible parameters ...

Page 160: ...rench German Italian Japanese Russian Simplified Chinese Spanish Traditional Chinese Date format MM DD YYYY YYY MM DD DD MM YYY DD MM YYY DD MM YYY DD MM YYYY Time format hh mm ss 24h hh mm ss 12h Temperature C Celsius F Fahrenheit 3 11 3 1 For other settings 3 11 4 Access rights per profiles Administrator Operator Viewer User profile 3 11 4 1 For other access rights 3 11 5 CLI commands logout Des...

Page 161: ... My profile is not working Symptoms The password change shows Invalid credentials when I try to change my password in My profile menu Possible cause The password has already been changed once within a day period Action Let one day between your last password change and retry 3 11 6 1 For other issues See the CLI commands in the Information CLI section For details on other issues see the Troubleshoo...

Page 162: ...ions below when they are related to the web page Servicing the Network Management Module How to install and use the Network module Securing the Network Management Module How to secure the Network module Information General information of the Network Module and Devices Troubleshooting How to troubleshoot the Network Module 3 12 2 Access rights per profiles Administrator Operator Viewer Contextual h...

Page 163: ...gned by a CA import the corresponding CA in the Certificate authorities CA list for LDAP service Configure credentials to bind with the LDAP server or select anonymous if no credentials are required Configure the Search base DN Configure the request parameters see examples below 4 1 1 1 1 Typical request parameters Parameter OpenLDAP Active Directory with POSIX account activated Active Directory U...

Page 164: ... verify an LDAP user can authenticate using his username and password and will display its local profile In case of error use the verbose option of the command to investigate the reason 4 1 3 Limitations If the same username exists in both local and LDAP databases the behavior is undefined If a user belongs to multiple LDAP groups mapped to different profiles the behavior is undefined No client ce...

Page 165: ... agents and press the Start button and the press Continue During the selected timeframe new agent connections to the Network Module are automatically trusted and accepted STEP 2 Action on the agent IPP while the time to accepts new agents is running on the Network Module 1 Connect to the web interface of the agent 2 Detect the UPS Network Module with a Quick scan Range scan or an Address es scan 3...

Page 166: ...and then click on CONTINUE 4 Select the client pem file previously saved click Open Communication with the agent is restored 4 3 Powering down up applications examples 4 3 1 Powering down IT system in a specific order 4 3 1 1 Target Powering down applications first when on battery for 30s database servers next 3min after the applications and storage last as late as possible 4 3 1 2 Step 1 Installa...

Page 167: ...gent shutdown sequencing page 4 Set the OS shutdown duration to the time needed for your server to shutdown gracefully This will make sure IPP shutdowns your servers before the load segment is powered down As a result it will define the overall shutdown sequence duration for each load segments 4 3 1 4 Step 3 Power outage policy settings 4 3 1 4 1 Objective Use load segment policies to define shutd...

Page 168: ...ty is maximized and its shutdown will end 30s before the end of backup time 3 Set Group 1 and Group 2 to Custom Applications must shutdown first so Group 1 has been set to start shutdown when on battery for 30s Servers must shutdown second so Group 2 has been set to start shutdown when on battery for 210s so 3min after the applications ...

Page 169: ...ical equipment Powering down critical equipment 3min before the end of backup time 4 3 2 2 Step 1 Installation setup 4 3 2 2 1 Objective Use load segmentation provided by the UPS to independently control the power supply of each IT equipment categories Applications Database servers Storage Load segmentation also allows IT equipment to restart sequentially on utility recovery Restart sequentially t...

Page 170: ...tion Agent shutdown sequencing page 4 Set the OS shutdown duration to the time needed for your server to shutdown gracefully This will make sure IPP shutdowns your servers before the load segment is powered down As a result it will define the overall shutdown sequence duration for each load segments 4 3 2 4 Step 3 Power outage policy settings 4 3 2 4 1 Objective Use load segment policies to define...

Page 171: ...examples Servicing the Network Management Module 173 Critical equipment is the last one to power down their availability will be maximized and their shutdown will end 180s before the end of backup time 3 Set Group 2 to Immediate off ...

Page 172: ...ially the IT equipment on utility recovery 4 3 3 1 Target Restart the storage first right after utility recovery database servers next 2min after utility recovery and applications last 3min after utility recovery 4 3 3 2 Step 1 Installation setup 4 3 3 2 1 Objective Use load segmentation provided by the UPS to independently control the power supply of each IT equipment categories Applications Data...

Page 173: ...e Automatically restart the UPS when battery capacity exceeds and set it to 0 The storage will restart first right after utility recovery without waiting the battery capacity to exceed a limit 4 Set Then Group 1 after to 120s The database servers will restart 120s after the utility recovery 5 Set Then Group 2 after to 60s The database servers will restart 180s after the utility recovery 4 4 Checki...

Page 174: ...ll script executable chmod 700 install_updatePackage sh 4 6 2 2 Procedure To upgrade the Network module using Open a shell terminal on your computer Linux or cygwin meaning real or emulated Linux operating system Use the shell script install_updatePackage sh Usage install_updatePackage sh options Upgrade tool Mandatory arguments are f i u and p h show help f path path of the upgrade file u usernam...

Page 175: ...ncompress and flash upgrade inProgress 61 Uncompress and flash upgrade inProgress 78 Uncompress and flash upgrade inProgress 92 Uncompress and flash upgrade inProgress 100 Uncompress and flash upgrade inProgress 100 Uncompress and flash upgrade Executing post post_upgrade sh script upgrade Upgrade done Warning Permanently added X X X X ECDSA to the list of known hosts Rebooting res Y Update OK 4 7...

Page 176: ... type 5 Replace the battery cell the positive mark should be visible when inserting it 6 Replace the Network Module and secure the screw reconnect the Network cable if it was unplugged during the operation 7 Connect the Network Module and set the date and time For more information see the Date Time section ...

Page 177: ... to Contextual help User profile Edit account Select the language and then press the Save button 4 10 Resetting username and password 4 10 1 As an admin for other users 1 Navigate to Contextual help Settings Local users 2 Press the pen icon to edit user information 3 Change username and save the changes 4 Select Reset password and choose from the following options Generate randomly Enter manually ...

Page 178: ...odule Peel off the protection Change the position of switch number 3 this change is detected during next power ON and the sanitization will be applied Case 1 Case 2 Below instruction will sanitize the card and blank all the data Depending on your network configuration the Network Module may restart with a different IP address Only main administrator user will remain with default login and password...

Page 179: ...otocol IPV4 Select Manual Static IP Input the following information IPv4 Address Subnet Mask Default Gateway Save the changes 4 13 Reading device information in a simple way 4 13 1 Web page The product information is located in the Contextual help Home Energy flow diagram Details specifically with the button on the top of the diagram 4 14 Subscribing to a set of alarms for email notification 4 14 ...

Page 180: ...tion 4 14 2 Example 2 subscribing to all Critical alarms and some specific Warnings Follow the steps below 1 Navigate to Contextual help Settings General Email notification settings 2 Press the button New to create a new configuration 3 Select Logs will be attached by default in that example even if there is no subscription on card or device events ...

Page 181: ...e ALL Critical and User account Warning notification Email address myaddress mycompany com Notify on events Active Subscribe to Critical card events and Critical device events Always notify events with code 0800700 0800900 User account password expired User account locked 4 Press Save the table will show the new configuration ...

Page 182: ...s file 4 15 1 1 JSON file structure The JSON file is structured into 3 blocks 4 15 1 1 1 File block File block cannot be modified this is the mandatory structure of the JSON file 4 15 1 1 2 Feature block Feature block contains the full definition of a feature If it is removed from the JSON file this feature settings will not be updated restored in the card 4 15 1 1 3 Data block Data block contains...

Page 183: ...the JSON file these values will not be updated restored c Values Values can be kept as is modified or removed Removed values will not be updated restored 4 15 1 2 Sensitive data like passwords JSON file structure will slightly varies if sensitive data are exported with passphrase or not 4 15 1 2 1 The JSON file is saved using passphrase preferred All sensitive data will have below structure 4 15 1...

Page 184: ...users is not yet available only the predefined account main administrator can be modified 4 15 1 3 3 Modifying SNMP settings Original file Modified file SNMP disabled SNMP enabled on port 161 SNMPv1 disabled SNMPv3 enabled 2 x accounts 1 x read only user enabled with Auth Priv security level and passwords 1x read write user enabled with Auth Priv security level and passwords 1 x active trap When r...

Page 185: ...ng the Network Management Module 187 Original file Modified file 4 15 1 3 4 Making a partial update restoration a Example Updating Restoring only LDAP settings If you restore below JSON content only LDAP settings will be updated restored everything else will remain unchanged ...

Page 186: ...xx OU xxxx OU xxxx DC xxxx DC xxxx password plaintext null searchBase searchBaseDN DC xxx DC xxx DC xxx requestParameters userBaseDN OU xxxx DC xxxx userNameAttribute xxxx uidAttribute objectSid x x x xx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx groupBaseDN OU xxxx DC xxxx groupNameAttribute xx gidAttribute objectSid x x x xx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx profileMapping remoteGroup xxxxxxxxxxxxxx profil...

Page 187: ...s dateFormat Y m d YYYY MM DD d m Y DD MM YYYY d m Y DD MM YYYY d m Y DD MM YYYY m d Y MM DD YYYY d m Y DD MM YYYY preferences timeFormat 1 24h 0 12h preferences temperatureUnit 1 C 2 F Data BACnet BACnet Data Values example BACnet Data Values example Card Data Values example Certificate Settings Data Values example Date timeZone Europe Paris Africa Johannesburg America New_York Asia Shanghai Refe...

Page 188: ...dbus mapping configurations transport 1 RTU 2 TCP mapping configurations map network_card Card System Information modbus_ms Eaton ModbusMS compatible Eaton PowerXpert UID 0 compatible Card System Information mapping configurations transportFilter Access to all xx xxx xx xx yy yyy yy yy Access to a list of IP address mapping configurations deviceID 1 to 247 mapping configurations access 0 None 1 Re...

Page 189: ...us_ms Eaton ModbusMS compatible Eaton PowerXpert UID 0 compatible Card System Information mapping configurations transportFilter Access to all xx xxx xx xx yy yyy yy yy Access to a list of IP address mapping configurations deviceID 1 to 247 mapping configurations access 0 None 1 Read only 3 Read Write mapping configurations illegalReadBehavior 1 Return exception 2 return zeros Data Values example ...

Page 190: ... 简体中文 zh_Hant 繁體中文 preferences dateFormat Y m d YYYY MM DD d m Y DD MM YYYY d m Y DD MM YYYY d m Y DD MM YYYY m d Y MM DD YYYY d m Y DD MM YYYY preferences timeFormat 1 24h 0 12h preferences temperatureUnit 1 C 2 F Data Values example Schedule scheduler 1 Primary 2 Group 1 3 Group 2 recurrence 0 once 1 every day 2 every week shutdownTimeStamp timestamp unix restartTimeStamp timestamp unix Data Val...

Page 191: ...xample Syslog servers protocol 1 UDP 2 TCP servers tcpframing 1 TRADITIONAL 2 OCTET_COUNTING Data Values example Web server 4 15 2 Saving Restoring Duplicating settings through the CLI Navigate to Information CLI save_configuration restore_configuration section to get example on how to save and restore settings through the CLI 4 15 3 Saving Restoring Duplicating settings through the Web interface ...

Page 192: ...reasing concern regarding cybersecurity across industries where companies are steadily integrating field devices into enterprise wide information systems This occurs in discrete manufacturing and process industrial environments a wide range of general and specific purpose commercial buildings and even utility networks Traditionally electrical systems were controlled through serial devices connecte...

Page 193: ...ograms and provides access to that device Worm a device program that spreads without user interaction and affects the stability and performance of the ICS network Spyware a device program that changes the configuration of a device 5 1 5 Defense in depth While there are differences between traditional IT systems and ICS the fundamental concept of defense in depth is applicable to both Defense in de...

Page 194: ...ll protection methods that hide and protect individual devices and computers in a control network These firewalls communicate at the application layer and can provide better inspection capabilities Because they collect extensive log data application level proxy firewalls can negatively impact the performance of an ICS network Stateful inspection firewalls These firewalls work at the network sessio...

Page 195: ...ontrol both physical and logical should be defined and implemented The key consideration when designing access control is defining the required interactions both within a given zone and between zones These interactions should be mapped out clearly and prioritized based on need It is important to realize that every hole poked in a firewall and each non essential functionality that provides access o...

Page 196: ...andards 5 1 7 1 Understanding an ICS network Creating an inventory of all the devices applications and services that are hosted in a network can establish an initial baseline for what to monitor Once those components are identified and understood control ownership and operational consideration can be developed 5 1 7 2 Log and event management It is important to understand what is happening within ...

Page 197: ...ice Extensive testing needs to be conducted before deployment to minimize this impact 5 1 7 5 Continuous assessment and security training It is critical that ICS network administrators and regular users be properly trained to ensure the security of the ICS and the safety of the people who operate and depend on it Ongoing vulnerability assessments are critical to identify issues and understand the ...

Page 198: ... To protect important assets all organizations must take cybersecurity threats seriously and meet them proactively with a system wide defensive approach specific to organizational needs There is no protection method that is completely secure A defense mechanism that is effective today may not be effective tomorrow the ways and means of cyber attacks constantly change It is critical ICS administrat...

Page 199: ...t gov sites default files FactSheets NCCIC 20ICS_FactSheet_Defense_in_Depth_Strategies_S508C pdf 2 NIST SP 800 82 Guide to Industrial Control Systems ICS Security June 2011 http csrc nist gov publications nistpubs 800 82 SP800 82 final pdf 3 NIST SP 800 94 Guide to Intrusion Detection and Prevention Systems IDPS Feb 2007 http csrc nist gov publications nistpubs 800 94 SP800 94 pdf 4 Common Cyberse...

Page 200: ...ers that can be referenced at www eaton com cybersecurity 5 2 2 Secure configuration guidelines 5 2 2 1 Asset identification and Inventory Keeping track of all the devices in the system is a prerequisite for effective management of Cybersecurity of a system Ensure you maintain an inventory of all the components in your system in a manner in which you uniquely identify each component To facilitate ...

Page 201: ...d such as locks card readers and or guards etc Network module supports the following physical access ports controller mode switches and USB ports RJ45 USB A USB Micro B Access to them need to be restricted Do not connect unauthorized USB device or SD card for any operation e g Firmware upgrade Configuration change and Boot application change Before connecting any portable device through USB or SD ...

Page 202: ...through the Contextual help Settings Local users page Follow embedded help for instructions on how to edit a user account Server and client certificate configuration Navigate to Contextual help Settings Certificate Follow embedded help for instructions on how to configure it 5 2 2 4 Deactivate unused features Network module provides multiple options to upgrade firmware change configurations set po...

Page 203: ...ptly monitor for fresh firmware updates implement patching and updates as and when required or released Navigate in the help to Contextual help Maintenance Services to get information on how to upgrade the Network Module Eaton also has a robust vulnerability response process In the event of any security vulnerability getting discovered in its products Eaton patches the vulnerability and releases i...

Page 204: ...e Refer to the section Contextual help Settings Local users in the settings 5 4 Decommissioning the Network Management module With the increased frequency of reported data breaches it s becoming more and more necessary for companies to implement effective and reliable decommissioning policies and procedures In order to protect the data stored on retired IT equipment from falling into the wrong han...

Page 205: ...or to the loads that are connected to it The EMP monitors temperature and humidity information to help you protect critical equipment The EMP measures temperatures from 0 C to 70 C with an accuracy of 2 C The EMP measures relative humidity from 10 to 90 with an accuracy of 5 The EMP can be located some distance away from the device with a CAT5 network cable up to 50m 165 ft long The EMP monitors t...

Page 206: ...l the other EMPs 6 3 1 1 1 Example manual addressing of 3 EMPs connected to the Device 6 3 2 Mounting the EMP The EMP includes magnets cable ties slots and keyholes to enable multiple ways of mounting it on your installation Address must be defined before the EMP power up otherwise the changes won t be taken into account Do not set Modbus address to 0 otherwise the EMP will not be detected Green L...

Page 207: ...tener Side mounting magnets tie wraps 6 3 2 1 Rack mounting with keyhole example To mount the EMP on the rack use the supplied screw washer and nut Then mount the EMP on the screw and tighten it 6 3 2 2 Rack mounting with tie wraps example To mount the EMP on the door of the rack use the supplied cable ties ...

Page 208: ...and tighten it 6 3 2 4 Wall mounting with nylon fastener example To mount the EMP within the enclosure environment attach one nylon fastener to the EMP and the other nylon fastener to an enclosure rail post Then press the two nylon strips together to secure the EMP to the rail post Cut nylon fastener and stick it on the EMP bottom on the location highlighted below this will prevent to interfere wi...

Page 209: ...P RJ45 female female connector supplied in EMP accessories USB to RS485 converter cable supplied in EMP accessories Ethernet cable not supplied Device 6 3 3 2 2 Connection steps STEP 1 Connect the USB to RS485 converter cable to the USB port of the Device Address must be defined before the EMP power up otherwise the changes won t be taken into account Do not set Modbus address to 0 otherwise the E...

Page 210: ...ous section Additional EMPs 2 x Ethernet cable not supplied Device 6 3 4 2 Steps STEP 5 Connect the Ethernet cable to the TO SENSORS port of the first EMP and to the FROM DEVICE port of the second EMP STEP 6 Connect the Ethernet cable to the TO SENSORS port of the second EMP and to the FROM DEVICE port of the third EMP Use the supplied tie wraps to secure the RS485 to USB cable to the Network cabl...

Page 211: ...P 3 Proceed to the commissioning refer to the contextual help for details Contextual help Environment Commissioning Status Click Discover The EMP connected to the Network module appears in the table Press the pen logo to edit EMP information and access its settings Click Define offsets to define temperature or humidity offsets if needed STEP 4 Define alarm configuration refer to the contextual hel...

Page 212: ...itches to 1 to set the EMP to the address 31 as indicated on the picture below 6 5 2 Commissioning the EMP Refer to the section Contextual help Environment Commissioning Status 6 5 3 Enabling temperature compensated battery charging in the UPS To enable the temperature compensated battery charging refer to the UPS user manual The temperature compensated battery charging feature needs to be enabled...

Page 213: ...Module is not connected to the network Solid yellow UPS Network Module is connected to the network but no activity detected Flashing yellow UPS Network Module is connected to the network and sending or receiving data AUX connector For Network Module accessories only Restart button Ball point pen or equivalent will be needed to restart Short press 6s Safe software restart firmware safely shutdown b...

Page 214: ...aracteristics Physical characteristics Dimensions wxdxh 132 x 66 x 42 mm 5 2 x 2 6 x 1 65 in Weight 70 g 0 15 lb RoHS 100 compatible Storage Storage temperature 25 C to 70 C 14 F to 158 F Ambient conditions Operating temperature 0 C to 70 C 32 F to 158 F Relative humidity 5 95 noncondensing Module performance Module input power 5V 12V 5 1A AUX output power 5V 5 200mA Date Time backup CR1220 batter...

Page 215: ...ues IP network DHCP enabled NTP server pool ntp org Port 443 https 22 ssh 161 snmp 162 snmp trap 25 smtp 8883 mqtts 123 ntp 5353 mdns sd 80 http 514 syslog 636 LDAP 1812 RADIUS Web interface access control User name admin Password admin Settings Device data connector USB RNDIS Apipa compatible IP address 169 254 0 1 Subnet mask 255 255 0 0 7 3 Default settings and possible parameters 7 3 1 Setting...

Page 216: ...s 128 characters maximum Hide IP address from the email body enable disabled Status Active Inactive Alarm notifications Active No Yes All card events Subscribe Attach logs Critical alarm Subscribe Attach logs Warning alarm Subscribe Attach logs Info alarm Subscribe Attach logs All device events Subscribe Attach measures Attach logs Critical alarm Subscribe Attach measures Attach logs Warning alarm...

Page 217: ... enable 6 32 disable Minimum upper case enable 0 32 disable Minimum lower case enable 0 32 disable Minimum digit enable 0 32 disable Special character enable 0 32 disable Password expiration Number of days until password expires disabled Main administrator password never expires disabled Number of days until password expires disable enable 1 99999 Main administrator password never expires disable ...

Page 218: ...Default settings and possible parameters Information 220 ...

Page 219: ...ecurity SSL None Start TLS SSL Verify server certificate disabled enabled Primary server Name 128 characters maximum Hostname 128 characters maximum Port x xxx Secondary server Name 128 characters maximum Hostname 128 characters maximum Port x xxx Credentials Anonymous search bind disabled enabled Search user DN 1024 characters maximum Password 128 characters maximum Search base Search base DN 102...

Page 220: ...e format hh mm ss 24h Configure Active Yes No Retry number 0 to 128 Primary server Name 128 characters maximum Address 128 characters maximum Secret 128 characters maximum UDP port 1 to 65535 Time out 3 to 60 Secondary server Name 128 characters maximum Address 128 characters maximum Secret 128 characters maximum UDP port 1 to 65535 Time out 3 to 60 Users preferences Language English French German...

Page 221: ...able checked Mode DHCP Enabled Active Inactive Mode DHCP Manual Address Prefix Gateway DNS DHCP Hostname device MAC address Mode DHCP Hostname 128 characters maximum Mode DHCP Manual Domain name Primary DNS Secondary DNS Ethernet Configuration Auto negotiation Configuration Auto negotiation 10Mbps Half duplex 10Mbps Full duplex 100Mbps Half duplex 100Mbps Full duplex 1 0 Gbps Full duplex HTTPS Por...

Page 222: ...od DIsabled in UDP Using unicode byte order mask BOM disabled Inactive Active Server 1 Name 128 characters maximum Status Disabled Enabled Hostname 128 characters maximum Port x xxx Protocol UDP TCP Message transfer method Non transparent framing Using unicode byte order mask BOM disable enable Server 2 Name 128 characters maximum Status Disabled Enabled Hostname 128 characters maximum Port x xxx ...

Page 223: ...le Community 1 128 characters maximum Enabled Inactive Active Access Read only Community 2 128 characters maximum Enabled Inactive Active Access Read Write SNMP V3 disable enable User 1 32 characters maximum Enabled Inactive Active Access Read only Read Write Authentication Auth SHA 1 None Password 128 characters maximum Confirm password 128 characters maximum Privacy Secured AES None Key 128 char...

Page 224: ...compatible Card System Information Transport RTU TCP Access None Read only Read Write Illegal read behaviour Return exception Return zeros IP filtering IP address Coil register base address shift No shift Shift by 1 JBUS BACnet BACnet IP Inactive BACnet IP Inactive Active Device Id Automatically generated must be unique 4194304 characters maximum Device Name Automatically generated must be unique ...

Page 225: ...ntry FR State or Province 38 City or Locality Grenoble Organization name Eaton Organization unit Power quality Contact email address blank Common name 64 characters maximum Country Country code State or Province 64 characters maximum City or Locality 64 characters maximum Organization name 64 characters maximum Organization unit 64 characters maximum Contact email address 64 characters maximum 7 3...

Page 226: ...nfiguration Default setting Possible parameters Temperature Enabled No Low critical 0 C 32 F Low warning 10 C 50 F High warning 70 C 158 F High critical 80 C 176 F Enabled No Yes low critical low warning high warning high critical Humidity Enabled No Low critical 10 Low warning 20 High warning 80 High critical 90 Enabled No Yes 0 low critical low warning high warning high critical 100 Dry contacts...

Page 227: ...te format MM DD YYYY Time format hh mm ss 24h Temperature C Celsius Account details Full name 128 characters maximum Email 128 characters maximum Phone 64 characters maximum Organization 128 characters maximum Preferences Language English French German Italian Japanese Russian Simplified Chinese Spanish Traditional Chinese Date format MM DD YYYY YYY MM DD DD MM YYY DD MM YYY DD MM YYY DD MM YYYY T...

Page 228: ... test Abort Logs configuration 7 4 3 Controls Administrator Operator Viewer Control 7 4 4 Protection Administrator Operator Viewer Protection Scheduled shutdowns Administrator Operator Viewer Protection Agent list Administrator Operator Viewer Protection Agent settings Administrator Operator Viewer Protection Sequence 7 4 5 Environment Administrator Operator Viewer Environment Commissioning ...

Page 229: ...dministrator Operator Viewer General Administrator Operator Viewer Local users Administrator Operator Viewer Remote users Administrator Operator Viewer Network Protocols Administrator Operator Viewer SNMP Administrator Operator Viewer Industrial protocols Modbus Industrial protocols BACnet for INDGW only Administrator Operator Viewer Certificate 7 4 7 Maintenance Administrator Operator Viewer ...

Page 230: ...perator Viewer Resources Administrator Operator Viewer System logs 7 4 8 Legal information Administrator Operator Viewer Legal information 7 4 9 Alarms Administrator Operator Viewer Alarm list Export Clear 7 4 10 User profile Administrator Operator Viewer User profile 7 4 11 Contextual help Administrator Operator Viewer Contextual help Full documentation ...

Page 231: ...p test Administrator Operator Viewer logout Administrator Operator Viewer maintenance Administrator Operator Viewer modbus_message_display for INDGW only Administrator Operator Viewer modbus_statistics for INDGW only Administrator Operator Viewer netconf read only read only Administrator Operator Viewer ping ping6 Administrator Operator Viewer reboot Administrator Operator Viewer ...

Page 232: ...ceroute6 Administrator Operator Viewer whoami Administrator Operator Viewer email test Administrator Operator Viewer systeminfo_statistics Administrator Operator Viewer certificates 7 5 List of event codes To get access to the Alarm log codes or the System log codes for email subscription see sections below 7 5 1 System log codes To retrieve System logs navigate to Contextual help Maintenance Syst...

Page 233: ...w self PKI signed certificate generated imported for service server logSystem csv 0E00300 Warning The self PKI signed certificate of the service server will expires in X days logSystem csv 0800700 Warning User account password expired logAccount csv 0800900 Warning User account locked logAccount csv 0C00100 Warning Unable to send email Smtp server is unknown logSystem csv 0C00200 Warning Unable to...

Page 234: ...ssage logSystem csv 0800100 Notice User account created user account id logAccount csv 0800200 Notice User account deleted user account id logAccount csv 0800400 Notice User account name changed user account id logAccount csv 0800600 Notice User account password changed logAccount csv 0800800 Notice User account password reset user account id logAccount csv 0800A00 Notice User account unlocked log...

Page 235: ...0 Info Time with NTP synchronized logSystem csv 0B00600 Info Time settings changed logSystem csv 0B01100 Info Time reset to last known date date logSystem csv 0C00F00 Info Test email 1000100 Info Settings saving requested logSystem csv 1000200 Info feature settings saved logSystem csv 1000A00 Info Settings restoration requested logSystem csv 1000E00 Info feature settings restoration success logSys...

Page 236: ...ry voltage high critical Battery voltage OK Check battery 62D Critical Battery charge current low critical Battery charge current OK Check battery 62F Critical Battery charge current high critical Battery charge current OK Check battery 631 Critical Battery discharge current low critical Battery discharge current OK Check battery 633 Critical Battery discharge current high critical Battery dischar...

Page 237: ...nput AC voltage in range 109 Warning Input AC voltage out of range Input AC voltage in range 110 Warning Building alarm through dry contact Building alarm OK 11F Warning Building alarm through Network module Building alarm OK 10A Warning Input AC unbalanced End of input AC unbalanced 200 Warning Bypass phase out range Bypass phase in range 201 Warning Bypass not available Bypass available Service ...

Page 238: ...arge current high warning Battery charge current OK Check battery 630 Warning Battery discharge current low warning Battery discharge current OK Check battery 632 Warning Battery discharge current high warning Battery discharge current OK Check battery 634 Warning Battery temperature low warning Battery temperature OK Check battery 636 Warning Battery temperature high warning Battery temperature O...

Page 239: ...er replacement Batteries aging condition cleared 7 5 2 3 Info Code Severity Active message Non active message Advice 005 Info Communication lost with UPS Communication recovered with UPS Service required 009 Info On high efficiency On ESS mode High efficiency disabled ESS disabled 013 Info Upgrading limited communication End of upgrade mode 101 Info On AVR Boost End of AVR Boost 102 Info On AVR Bu...

Page 240: ... thermal overload No power overload 2112 Critical DCDC converter failure DCDC converter OK 2132 Critical Parallel UPS protection lost Parallel UPS protection OK 2143 Critical Maintenance bypass Not on maintenance bypass 2188 Critical Bypass AC module failure Bypass AC module OK 2191 Critical Battery fault Battery OK Check battery 2192 Critical Fuse fault Fuse OK 2193 Critical Fan fault Fan OK 2199...

Page 241: ...K 2011 Warning Output frequency out of range Output frequency in range 2021 Warning Charger temperature alarm Charger temperature OK 2023 Warning Max charger voltage Charger voltage OK 2025 Warning Power overload No power overload 2027 Warning Output over current No output over current 2028 Warning DC bus too high DC bus voltage OK 2029 Warning DC bus too low DC bus voltage OK 2032 Warning Battery...

Page 242: ...er closed 2326 Warning Bypass phase out range Bypass phase in range 2327 Warning Bypass voltage out of range Bypass voltage in range 2366 Warning Bypass bad wiring Bypass wiring OK 7 5 3 3 Info Code Severity Active message Non active message Advice 2063 Info Communication lost Communication recovered 2196 Info On AVR Buck End of AVR Buck 2197 Info On AVR Boost End of AVR Boost 2227 Info On high ef...

Page 243: ...ation lost Communication recovered 1202 Warning Temperature is low Temperature is back to normal 1203 Warning Temperature is high Temperature is back to normal 1212 Warning Humidity is low Humidity is back to normal 1213 Warning Humidity is high Humidity is back to normal 7 5 4 3 With settable severity Code Severity Active message Non active message Advice 1221 Settable Contact is active Contact i...

Page 244: ...essage Non active message Advice 1016 Info Protection sequential shutdown scheduled Protection sequential shutdown canceled 1017 Info Protection sequential shutdown in progress Protection sequential shutdown completed 1054 Info Protection agent is in unknown state Protection agent is in service 1055 Info Protection agent is starting Protection agent is in service 1056 Info Protection agent is stop...

Page 245: ...t whenever the UPS transfers on battery then sent every minutes until the UPS Comes back to AC Input 1 3 6 1 2 1 33 2 0 3 Sent whenever an alarm appears The matching alarm oid is added as bound variables in the table below 1 3 6 1 2 1 33 2 0 4 Sent whenever an alarm disappears The matching alarm oid is added as bound variables in the table below Alarm oid at 1 3 6 1 2 1 33 1 6 3 x Description when...

Page 246: ... 4 1 534 1 11 4 1 0 6 Battery OK 1 3 6 1 4 1 534 1 11 4 1 0 7 Power overload 1 3 6 1 4 1 534 1 11 4 1 0 8 Internal failure 1 3 6 1 4 1 534 1 11 4 1 0 10 Inverter internal failure 1 3 6 1 4 1 534 1 11 4 1 0 11 Bypass mode 1 3 6 1 4 1 534 1 11 4 1 0 12 Bypass not available 1 3 6 1 4 1 534 1 11 4 1 0 13 Load not powered 1 3 6 1 4 1 534 1 11 4 1 0 14 On battery 1 3 6 1 4 1 534 1 11 4 1 0 15 Building a...

Page 247: ...never one status of each humidity changes 1 3 6 1 4 1 534 6 8 1 4 0 1 Sent whenever one status of each digital input alarm changes 7 7 CLI CLI can be accessed through SSH Serial terminal emulation refer to section Servicing the Network Management Module Installing the Network Module Accessing the card through serial terminal emulation It is intended mainly for automated configuration of the networ...

Page 248: ...start of the line CTRL E Move to the end of the line up Move to the previous command line held in history down Move to the next command line held in history left Move the insertion point left one character right Move the insertion point right one character DELETION KEYS CTRL C Delete and abort the current line CTRL D Delete the character to the right on the insertion point CTRL K Delete all the ch...

Page 249: ...p history cr Display the current session s command line history by default display last 10 commands Unsigned integer Set the size of history list zero means unbounded Example history 6 display the 6 last command 7 7 4 3 Specifics 7 7 4 4 Access rights per profiles Administrator Operator Viewer history 7 7 5 ldap test 7 7 5 1 Description Ldap test help to troubleshoot LDAP configuration issues or w...

Page 250: ...ry Force the test to use secondary server optional v verbose Print the exchanges with LDAP server optional ldap test checkmappedgroups primary secondary v Check LDAP mapping p primary Force the test to use primary server optional s secondary Force the test to use secondary server optional v verbose Print the exchanges with LDAP server optional Quick guide for testing In case of issue with LDAP con...

Page 251: ...iewer logout 7 7 7 maintenance 7 7 7 1 Description Creates a maintenance report file which may be handed to the technical support 7 7 7 2 Help maintenance cr Create maintenance report file h help Display help page 7 7 7 3 Specifics 7 7 7 4 Access rights per profiles Administrator Operator Viewer maintenance 7 7 8 modbus_message_display This section is only for the Modbus Network Module INDGW ...

Page 252: ...4 Access rights per profiles Administrator Operator Viewer modbus_message_display for INDGW only 7 7 9 modbus_statistics 7 7 9 1 Description modbus_statistics displays Modbus RTU and TCP status and server statistics Bus character overrun count Bus frame error count Bus parity error count Buffer overrun count Bus message count Valid message count CRC error count Incoming message count Discarded mes...

Page 253: ...s_statistics for INDGW only 7 7 10 netconf 7 7 10 1 Description Tools to display or change the network configuration of the card 7 7 10 2 Help For Viewer and Operator profiles netconf h Usage netconf OPTION Display network information and change configuration h help display help page l lan display Link status and MAC address 4 ipv4 display IPv4 Mode Address Netmask and Gateway 6 ipv6 display IPv6 ...

Page 254: ...alues set custom Network address Netmask and Gateway manual domain name primary DNS secondary DNS automatically set Domain name Primary and Secondary DNS dhcp i set ipv4 mode Mode values set custom Network address Netmask and Gateway manual network mask gateway automatically set Network address Netmask and Gateway dhcp x set ipv6 status Status values enable IPv6 enable disable IPv6 disable x set i...

Page 255: ...utility uses the ICMP protocol s mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway ECHO_REQUEST datagrams pings have an IP and ICMP header followed by a struct timeval and then an arbitrary number of pad bytes used to fill out the packet c Specify the number of echo requests to be sent h Specify maximum number of hops Hostname or IP Host name or IP address ping...

Page 256: ...pecifics 7 7 12 4 Access rights per profiles Administrator Operator Viewer reboot 7 7 13 save_configuration restore_configuration 7 7 13 1 Description Save_configuration and restore_configuration are using JSON format to save and restore certain part of the configuration of the card 7 7 13 2 Help save_configuration h save_configuration print the card configuration in JSON format to standard output...

Page 257: ...he user shall have administrator profile PASSWORD is the user password PASSPHRASE is any passphrase to encrypt decrypt sensible data CARD_ADDRESS is IP or hostname of the card FILE is a path to the JSON file on your host computer where the configuration is saved or restored 7 7 13 4 Specifics 7 7 13 5 Access rights per profiles Administrator Operator Viewer save_configuration restore_configuration...

Page 258: ... 3 Specifics 7 7 15 4 Access rights per profiles Administrator Operator Viewer ssh keygen 7 7 16 time 7 7 16 1 Description Command used to display or change time and date 7 7 16 2 Help For Viewer and Operator profiles time h Usage time OPTION Display time and date h help display help page p print display date and time in YYYYMMDDhhmmss format For Administrator profile ...

Page 259: ...d alternate NTP servers time set ntpmanual fr pool ntp org de pool ntp org 7 7 16 3 Examples of usage Set date 2017 11 08 and time 22 00 time set manual 201711082200 Set preferred and alternate NTP servers time set ntpmanual fr pool ntp org de pool ntp org 7 7 16 4 Specifics 7 7 16 5 Access rights per profiles Administrator Operator Viewer time read only read only 7 7 17 traceroute and traceroute6...

Page 260: ...file Realm 7 7 18 2 Specifics 7 7 18 3 Access rights per profiles Administrator Operator Viewer whoami 7 7 19 email test 7 7 19 1 Description mail test sends test email to troubleshoot SMTP issues 7 7 19 2 Help Usage email test command Test SMTP configuration Commands email test h help Display help page email test r recipient recipient_address Send test email to the recipient_address Email address...

Page 261: ...age CPU usage upSince date since the system started Ram total MB free MB used MB tmpfs temporary files usage MB Flash user data total MB free MB used MB 7 7 20 2 Help systeminfo_statistics Display systeminfo statistics h help Display the help page 7 7 20 3 Specifics 7 7 20 4 Access rights per profiles Administrator Operator Viewer systeminfo_statistics 7 7 21 certificates 7 7 21 1 Description Allo...

Page 262: ...tes local import SERVICE_NAME csr over SSH sshpass p PASSWORD ssh USER CARD_ADDRESS certificates local csr mqtt 7 7 21 3 2 From a Windows host plink tools from putty is required print over SSH plink USER CARD_ADDRESS pw PASSWORD batch certificates local print SERVICE_NAME revoke over SSH plink USER CARD_ADDRESS pw PASSWORD batch certificates local revoke SERVICE_NAME export over SSH plink USER CAR...

Page 263: ...l org This product includes cryptographic software written by Eric Young eay cryptsoft com This product includes software released under MIT license and developed by various projects peoples and entities such as but not limited to Google Inc the AngularUI Team Lucas Galfasó nerv Angular Konstantin Skipor Filippo Oretti Dario Andrei The angular translate team and Pascal Precht Twitter Inc Zeno Roch...

Page 264: ...nsfer Protocol HTTP within a connection encrypted by Transport Layer Security TLS IPP Intelligent Power Protector is a web based application that enables administrators to manage an Devices from a browser based management console Administrators can monitor manage and control a single Device UPS ATS ePDU locally and remotely A familiar browser interface provides secure access to the Device Administ...

Page 265: ...ting and organizing information about managed devices on IP networks and for modifying that information to change device behavior SSH Secure Shell is a cryptographic network protocol for operating network services securely over an unsecured network SSL Secure Sockets Layer is a cryptographic protocol used for network traffic TCP Transmission Control Protocol TLS Transport Layer Security is cryptog...

Page 266: ...Acronyms and abbreviations Information 268 ...

Page 267: ...onfigure the UPS settings and allow remote commands Example UPS menu Settings ON OFF settings Remote command Enable 8 2 Card wrong timestamp leads to Full acquisition has failed error message on Software 8 2 1 Symptoms IPP IPM shows the error message The full data acquisition has failed even if the credentials are correct 8 2 2 Possible cause The Network module timestamp is not correct Probably th...

Page 268: ...ice and Servicing the EMP Installing the EMP Daisy chaining 3 EMPs 2 Disconnect and reconnect the USB to RS485 cable 3 Launch the discovery if it is still not ok go to Action 1 3 8 4 1 4 Action 1 3 1 Reboot the Network module 2 Launch the discovery 8 4 2 Symptom 2 The EMPs orange RJ45 LEDs are not blinking 8 4 2 1 Possible causes C 1 the EMP address switches are all set to 0 C 2 the EMPs are daisy...

Page 269: ...rk Module Certificates of IPP IPM and the Network Module are not matching so that authentication and encryption of connections between the Network Module and the shutdown agents is not working 8 6 3 Setup IPP IPM is started Network module is connected to the UPS and to the network 8 6 4 Action 1 Check if the IPP IPM certificate validity for the Network Module STEP 1 Connect to the Network Module O...

Page 270: ...nnections to the Network Module are automatically trusted and accepted STEP 4 Action on the agent IPP IPM while the time to accepts new agents is running on the Network Module Remove the Network module certificate file s 0 that is are located in the folder Eaton IntelligentPowerProtector configs tls 8 7 LDAP configuration commissioning is not working Refer to the section Servicing the Network Mana...

Page 271: ...list has been cleared and is now empty 8 10 2 Action The alarm list has been saved on a csv file and can be retrieved using Rest API calls 8 10 2 1 Authenticate curl location request POST https domain rest mbdetnrs 1 0 oauth2 token header Content Type application json data raw username admin password supersecretpassword grant_type password scope GUIAccess 8 10 2 2 Get Alarm Log Backup curl locatio...

Page 272: ...tting the IP address section 8 12 Web user interface is not up to date after a FW upgrade 8 12 1 Symptom After an upgrade The Web interface is not up to date New features of the new FW are not displayed An infinite spinner is displayed on a tile 8 12 1 1 Possible causes The browser is displaying the Web interface through the cache that contains previous FW data 8 12 1 2 Action Empty the cache of y...

Page 273: ......